
WANs Take Centerstage: what's making them faster, secure and more reliable?

PCQ Bureau

There's an increasing need for organizations to communicate more effectively, whether it's within the office or between offices across different geographical locations. This calls for a robust communication infrastructure. Local communication isn't so difficult, as you have plenty of bandwidth on the LAN and voice calls are also pretty cheap; the trouble comes while communicating over long distance. Using basic email and phone calls is just not sufficient anymore. For instance, you can afford to have a web page not load from a website, but what if it's your business application? You can't afford to have packet losses on that. Moreover, this communication has to happen over secure links and in encrypted format. This also raises another question: is your business application optimized to work over WAN links? Can it work over a low-bandwidth connection? Several key trends are taking shape in WANs that can help in answering these questions. For instance, one Web technology making waves in the Internet world is AJAX, which can help enterprise applications run over low-bandwidth connections. IP VPNs are picking up for secure communication over long distances, and there's even an option to outsource your WAN infrastructure management. In this story, we look at all these and more for your consideration.

IP-MPLS is the default choice
Deepak Maheshwari
Secretary - ISP Association of India

Being more nimble and closer to the customer as well as operating in a highly competitive market, it should not come as a surprise that ISPs began offering VPN services in India in 1999. Slowly, VPN based on IP-MPLS technology has become the de facto platform of choice for WAN, again a trend started by the ISPs in India almost five years back.

Large organizations could extend leased line networks only to select sites due to high cost and the skills required to manage the same; even they are choosing VPN to augment more and more sites within their networks. At the same time, for many SMEs who could not ever think of multi-location leased line networks, VPN opens up new opportunities. One needs to connect to the local PoP of the service provider at the respective locations and thereafter, the service provider ensures the transmission across different locations. Moreover, the CIO can add and modify locations, bandwidth, priority and even the physical media and/or routing, all this on the fly on a real-time basis using a dashboard on his screen, and respond to the mission-critical business support system. In the times to come, security and manageability would become more crucial, as well as anything that lets the users manage the priority in an even more dynamic and challenging fashion. There would be a higher mix of physical media; the size of the WANs is also set for massive growth, to thousands of locations, as the enterprise connectivity is extended to partners, vendors, suppliers and customers!

Thus, a VPN offers reliability, security and quality on a public network with the added benefit of flexibility. Actually, VPN also bestows us with the benefits of openness and efficiency inherent in the Virtuous Public Network better known as the 'Internet'. Usage has also evolved beyond just data to include voice and video. For more than one and a half years, the confusion over the licensing prerequisites for VPN has kept many a prospect from taking the plunge for VPN, more than anything else. However, that stage is over. In fact, in the latest amendments to the licenses, 'leased line' itself has been defined as VPN!

IP VPNs

IP VPNs are emerging as a popular WAN connectivity solution, since they provide both technological and business benefits over traditional VPN technologies. In fact, the world over, they're fast replacing the legacy Frame Relay and ATM networks that were used by enterprises. This is largely because of the huge cost advantage that they offer over the legacy technologies.

Currently, there are several different types of deployments available for IP VPNs. If the requirement is to provide remote access to individual users, then that would use SSL or IPSec encryption for the job. As SSL doesn't require any clients, it makes for the cheapest extranet solution. As a result, SSL VPNs are the obvious choice for remote-access technology, as they will integrate end-point security and stronger authentication within themselves in the times to come.

If multiple sites are to be connected, then the solution is a site-to-site IP VPN, while if a very large enterprise-class IP VPN is required, then there's the Multi Protocol Label Switching (MPLS) based IP VPN, which uses a large carrier's MPLS solution. MPLS has gained momentum because with this one technology you can converge all means of data transfer, including data, video and audio. Consequently, standardization efforts need to be made for both network-to-network and user-to-network interfaces. While MPLS seems to offer great convergent solutions, quality of service and support for firewalling, spam and content filtering, it falls short on one factor: it does not offer the required level of encryption. That is where IPsec picks up. It provides the necessary encryption to make use of the Internet as the carrier for transferring data across WANs.

So these technologies have turned out to be serious contenders with enterprises for both fresh deployments and upgrades. What remains to be seen is which sectors of the enterprise go in for building them themselves and which ones would want to buy them.


WAN optimization

The idea here is to remove the latency associated with data transfer over WANs. Current WAN optimization devices claim to provide three to five times the native transfer speeds. For this, the devices use the CIFS (Common Internet File System) protocol. This is in line with the increase in the number of vendors offering WAFS (Wide Area File Services), which is basically file and print services over WANs. WAFS has a two-fold purpose: it takes over file server facilities at the branch office level, and it provides a common data storage location for compliance purposes. WAFS devices are expected to take over a major share of enterprise WAN-based file services in the coming years, and a number of products are available from vendors such as Cisco, Juniper Networks and F5.

However, the manageability of WAN optimization devices is still not quite on par with similar devices and systems, so you would need to seriously sit down with your vendor and look at what features it offers before making the investment, since downtimes here can become quite costly to your business.

Cut costs: outsource connectivity

High speed links
We're witnessing a shift by corporates towards high capacity bandwidths. This is being driven by reduction in costs of DS-3 links and STM1 links. This enables enterprises to add more users and applications at the same costs.

MPLS based networks
MPLS technology is becoming a popular option among organizations managing multiple links. MPLS provides inherent benefits of higher speed, security and cost-effectiveness.

Instead of buying multiple links, enterprises seek the assistance of service providers using Metro Ethernet networks or MPLS (Multi Protocol Label Switching) based networks to provide secure virtual circuit connection services over Ethernet networks, offering the benefits of traditional frame relay connections but with much higher bandwidth at a lower cost.

Outsourcing
The other trend is to outsource wide area connectivity. This usually turns out to be cost-effective and hassle free. The current trend is to use several service providers in order to exploit the best capabilities of each, and have a single-window entity for management, troubleshooting and payment.

An organization can use a single service provider entity for all its management, monitoring and billing needs, and possibly a third party NOC that will manage and monitor its WAN, and provide services like VPN, video-on-demand and managed security.




Adaptive WANs

How would you like a network that is always available, ultra-reliable and very predictable at all times? Well, if Ciena's offering is not a dream, it does just that. It's called an 'Adaptive WAN' and is being pushed forward for business continuance applications in enterprises. This WAN does not require new deployments and can be used with your existing deployments. Multiple applications can be collated into one 'wire' (so to speak), enabling a high degree of manageability. Applications can be monitored and tuned for reliability. The Adaptive WAN is suited for enterprises that have multi-site assets and operate on time-sensitive applications.

Wireless broadband

Devices that are wireless and online are significantly going mainstream. These include both personal computers like laptops and smart phones. The advent of high-speed mobile communications like 3G (although not yet prevalent in India) is increasing the number and criticality of the enterprise applications that can be used from such devices.

The TIA (Telecommunications Industry Association, UK) predicts that there would be about 270 million wireless devices in use and online worldwide in the next three years. Already, we are well on the way there, with 25 million wireless devices being deployed in the past one year alone. This trend could well be helped along by the shot in the arm that wireless services are due to get quite soon with the introduction of UMTS TD-CDMA, which offers 40-70 Mbps transfer rates when you're moving at nearly 130 kmph. UMTS TD-CDMA is an emerging 3G standard (packet switched data and VoIP transmissions with QoS) that is slated to significantly change the way our mobile networks operate.


Outsourcing

A high 74% of the IT executives surveyed by a London-based firm earlier in February reported they outsourced their WAN worries, mostly because of lower running costs and manageability. Other major pain points included the ability to troubleshoot quickly, timely restoration of links and billing.

Running costs rise as more workers log on to their workplace from all over the globe, as enterprises expand operations, move out of their single-campus presence and seek out the world.

The ability to guarantee connectivity, and the reliability of that connection, to your remote workers needs personnel presence at those remote sites, not a very pocket-friendly prospect for most enterprises, regardless of size and skill. This necessitates off-loading those concerns to a third-party entity, who may do it at a lesser cost.


Higher bandwidth

Bandwidth costs have plummeted and availability has doubled over the past year. ISPs in India have correspondingly passed on those benefits to their customers by upgrading bandwidth packages at no additional cost twice in the last one year. However, it appears that this has not come completely free of cost. There is a raging debate going on about how the rising costs of maintaining smooth functioning of the Internet should be managed.

Some say that the costs should be off-loaded onto the home user, which has been subsidized by business accounts for a long time. This would be accomplished by a user-neutral policy, where both sets of customers would be treated on par by the ISP and provided QoS on par with each other. The other camp believes that current parity needs to be maintained for fear of losing the pie completely. A third camp advises an application-fee based regime where the cost of service would be linked to the type of application (meaning applications requiring high QoS, like VoIP and video on the Net for instance, would attract higher fees). In this system, it would be the application service provider who pays the fee, subsidizing the end-user.

Rajesh Shetty, Regional Manager - ITS, Cisco Systems - India and SAARC

There is a move towards the managed services scenario. Though we'll see greater adoption of MPLS in the BFSI segments, largely due to the need to maintain and manage multiple links, private networks will also continue to operate. For instance, in the ITS segment, we will witness upgradation on the existing networks and infrastructure.

Having said that, choosing solutions providers for one's IT infrastructure requirements can be a tricky business. Several factors need to be looked into before SLAs (Service Level Agreements) are finalized to ensure satisfactory levels of service.

There is also a need for industry representatives, industry associations like Nasscom and IBA and vendors to partner to understand and address the unique requirements of each vertical. This is essential to ensure optimal performance and functionality of the networks.


IPv6 comes of age

IPv6 is no longer a protocol that's best implemented in a lab or a network run by geeks. It has come of age and is proving itself on both performance and robustness. In response to the Internet2 challenge, the University of Tokyo along with Pacific Northwest Gigapop, JGN2, WIDE Project and Chelsio Communications successfully achieved a data rate of 6.18 Gbps over five different public international networks covering well over 18,600 miles of cabling. In comparison, the IPv4 record stands at 7.99 Gbps for the same distance but over eight networks. This is being seen as proof that IPv6 can now handle high-performance network applications and can take over from IPv4.

On the software front, the new Windows OS (Vista) integrates support for the IPv6 protocol in a big way: it is installed by default, and wherever you can configure IPv4 settings, you can also provide corresponding IPv6 settings. See our separate feature on Vista elsewhere in this issue.

Triple play

Triple play is the term used to refer to the simultaneous transmission of data, voice and video over the same wire. Increasingly, this is becoming mainstream in both the business and home segments. For the home user for instance, IPTV is driving the boom forward. With fixed-line operators seeking to push broadband Internet and high-bandwidth media applications onto their wires, the cable TV operators themselves are getting into the action by offering Internet as well as IPTV on their network to counter the move by the fixed-line operators.

This war is, of course, well watered down in India. However, in the USA, which is seeking to battle with the penetration levels of broadband Internet in the ASEAN, this is an aggressive contest, with companies (telecom and ISP) seeking to consolidate their market positions. The recent takeover of AT&T Wireless by Cingular is perhaps a good example.

The Net Neutrality bill (so to say, 'Internet Non Discrimination Act 2006') introduced in the US Senate by Ron Wyden (and discussed in the 'Higher bandwidth' section earlier in this story) seeks to encourage fair play in triple play services by restricting fat-pipe owners from proffering preferential treatment to particular entities and handing the others a rough deal.

High-speed routing

We are all used to our network speeds not being 'quite there', even if we're using theoretically fat pipes (like 100 Mbps or even gigabit links). This is because of the way standard TCP works. TCP is, when you get down to analyzing it for high-traffic networks, a really, really bad and miserly protocol.

When it detects the slightest hint of sluggishness on the wire, it compensates heavily and ends up sending much smaller packets than it actually can. In the same way, it never makes full use of the pipe when the traffic is low enough either. This is easily fixed if you implement HS-TCP (High Speed TCP, IETF RFC 3649). This is a protocol optimized for high-traffic, high-latency networks, and it responds better to network congestion. The current state of HS-TCP is that it is still classified 'experimental'. However, some researchers consider it stable enough to warrant inclusion in the standards and implementable class. Using its re-designed algorithms, HS-TCP is able to adjust its packet transfer windows to a more optimum size and recover quickly from high-latency conditions compared to standard TCP. Keeping pace with this requirement, the new Vista OS has a completely re-written TCP stack called the 'Next Generation TCP/IP'.
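To make the window behaviour described above concrete, here is an added example (not part of the original article) that uses the increase and decrease functions and default parameters given in RFC 3649 to count how many round trips each scheme needs to get back to a large window after a single loss. The function names and the one-step-per-round-trip simplification are assumptions of this sketch.

```python
import math

# Default parameters suggested in RFC 3649 (windows are in segments).
LOW_WINDOW, LOW_P = 38, 1e-3        # below this, HS-TCP behaves like standard TCP
HIGH_WINDOW, HIGH_P = 83000, 1e-7   # target window at a drop rate of 10^-7
HIGH_DECREASE = 0.1                 # fraction of the window given up at HIGH_WINDOW
_LOG_SPAN = math.log(HIGH_WINDOW) - math.log(LOW_WINDOW)

def hs_decrease(w):
    """b(w): fraction of the window dropped after a loss (0.5 down to 0.1)."""
    if w <= LOW_WINDOW:
        return 0.5
    frac = (math.log(w) - math.log(LOW_WINDOW)) / _LOG_SPAN
    return (HIGH_DECREASE - 0.5) * frac + 0.5

def hs_drop_rate(w):
    """p(w): drop rate at which the HS-TCP response function gives window w."""
    s = _LOG_SPAN / (math.log(HIGH_P) - math.log(LOW_P))
    return LOW_P * (w / LOW_WINDOW) ** (1.0 / s)

def hs_increase(w):
    """a(w): segments added to the window per round trip."""
    if w <= LOW_WINDOW:
        return 1.0
    b = hs_decrease(w)
    return w * w * hs_drop_rate(w) * 2.0 * b / (2.0 - b)

def rtts_to_recover(start, increase, decrease):
    """Round trips needed to regain `start` segments after a single loss."""
    w = start * (1.0 - decrease(start))
    rtts = 0
    while w < start:
        w += increase(w)   # simplification: one a(w) step per round trip
        rtts += 1
    return rtts

def compare(start=HIGH_WINDOW):
    """Return (standard TCP RTTs, HS-TCP RTTs) to recover from one loss."""
    reno = rtts_to_recover(start, lambda w: 1.0, lambda w: 0.5)
    hs = rtts_to_recover(start, hs_increase, hs_decrease)
    return reno, hs

if __name__ == "__main__":
    reno, hs = compare()
    print(f"standard TCP: {reno} RTTs, HS-TCP: {hs} RTTs")
```

Standard TCP halves the window and adds one segment per round trip, so it needs 41,500 round trips to return to an 83,000-segment window, while HS-TCP gives up only about a tenth of the window and regains it in a little over a hundred round trips.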

In India, both ISPs and vendors are talking about MPLS in a big way. Banks have already adopted it. When will other sectors like manufacturing and business services follow? That's worth watching.

Rinku Tyagi and Sujay V Sarma
